kernel-packages team mailing list archive
-
kernel-packages team
-
Mailing list archive
-
Message #83855
[Bug 1379020] Re: lacks seccomp-tsync support
2014-08-11 seccomp: Replace BUG(!spin_is_locked()) with assert_spin_lock
2014-07-18 seccomp: implement SECCOMP_FILTER_FLAG_TSYNC
2014-07-18 seccomp: allow mode setting across threads
2014-07-18 seccomp: introduce writer locking
2014-07-18 seccomp: split filter prep from check and apply
2014-07-18 sched: move no_new_privs into new atomic flags
2014-07-18 MIPS: add seccomp syscall
2014-07-18 ARM: add seccomp syscall
2014-07-18 seccomp: add "seccomp" syscall
2014-07-18 seccomp: split mode setting routines
2014-07-18 seccomp: extract check/assign mode helpers
2014-07-18 seccomp: create internal mode-setting function
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1379020
Title:
lacks seccomp-tsync support
Status in “linux” package in Ubuntu:
Incomplete
Status in “linux” source package in Trusty:
Incomplete
Bug description:
For Chrome (and other seccomp users like LXC), the thread-sync
features for seccomp would provide better process isolation. The
feature landed in kernel 3.17, and is relatively easy to back-port.
The upstream seccomp regression tests can be used to verify both the
new features and the old API, to prove there were no regressions.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1379020/+subscriptions
References